Table of Subjects and Objects: Understanding Access Control in SSCP Certification Exam

Access Control in SSCP Certification Exam


Question

What can be defined as a table of subjects and objects indicating what actions individual subjects can take upon individual objects?

Answers

A. A capacity table
B. An access control list
C. An access control matrix
D. A capability table

Correct answer: C.

Explanations

The matrix lists the users, groups and roles down the left side and the resources and functions across the top.

The cells of the matrix can either indicate that access is allowed or indicate the type of access.

CBK pp. 317-318.

AIO3, p. 169 describes it as a table of subjects and objects specifying the access rights a certain subject possesses pertaining to specific objects.

In either case, the matrix is a way of analyzing the access control needed by a population of subjects to a population of objects.

This access control can be applied using rules, ACLs, capability tables, etc.

"A capacity table" is incorrect.

This answer is a trap for the unwary -- it sounds a little like "capability table" but is just there to distract you.

"An access control list" is incorrect.

"It [ACL] specifies a list of users [subjects] who are allowed access to each object" (CBK, p. 188). Access control lists (ACLs) could be used to implement the rules identified by an access control matrix, but an ACL is different from the matrix itself.

"A capability table" is incorrect.

"Capability tables are used to track, manage and apply controls based on the object and rights, or capabilities of a subject. For example, a table identifies the object, specifies access rights allowed for a subject, and permits access based on the user's possession of a capability (or ticket) for the object." (CBK, pp. 191-192)

To put it another way, as noted in AIO3 on p. 169, "A capability table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL." Again, a capability table could be used to implement the rules identified by an access control matrix, but it is different from the matrix itself.

References: CBK pp. 191-192, 317-318; AIO3, p. 169.

The table of subjects and objects that indicates what actions individual subjects can take upon individual objects is called an Access Control Matrix (ACM).

An ACM is a security model used to define and manage access control in a system. It represents a table with subjects listed on one axis and objects listed on the other axis. Each cell in the matrix represents the set of access rights or permissions that a particular subject has over a particular object.

An Access Control Matrix can be categorized into two types:

  1. Discretionary Access Control Matrix: A discretionary Access Control Matrix allows the owner or administrator of an object to control access to it. Each cell in the matrix is owned by the subject to which it pertains; therefore, each subject can modify its own row in the matrix to grant or revoke access to its objects.

  2. Mandatory Access Control Matrix: In Mandatory Access Control, the system administrator or security administrator controls the access control matrix. The administrator assigns each subject a security clearance level, and each object is assigned a classification level. Access rights are granted based on a set of predefined rules, such as a subject's clearance level being greater than or equal to an object's classification level.

In contrast to an Access Control Matrix, a capability table (option D) is a data structure that lists the specific capabilities or permissions granted to a subject. A capacity table (option A) is not a standard term in computer security and is not related to access control.

Therefore, the correct answer to the question is C. An Access Control Matrix.
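The following added example (not from the exam material or the cited books) models the matrix described above and shows how the two implementation forms the explanation contrasts are derived from it: an ACL is one column, bound to an object, and a capability table is one row, bound to a subject. The subjects, objects and rights are constructed sample data; the lookups default to deny.

```python
# Constructed sample access control matrix: subjects down the side,
# objects across the top, each cell holding the set of permitted actions.
# A missing cell means "no access" (default deny).
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "report.doc": {"read"}},
    "bob":   {"report.doc": {"read", "write"}},
    "carol": {},                       # a subject with no rights at all
}
OBJECTS = ("payroll.db", "report.doc", "audit.log")   # audit.log: no subject has rights
ACTIONS = ("read", "write")


def is_allowed(matrix, subject, obj, action):
    """Direct cell lookup. Unknown subjects or objects fall through to deny."""
    return action in matrix.get(subject, {}).get(obj, set())


def acl_for(matrix, obj):
    """Column view: the ACL is bound to the object and lists the subjects
    (with their rights) that may access it."""
    return {s: set(cells[obj]) for s, cells in matrix.items() if cells.get(obj)}


def capabilities_for(matrix, subject):
    """Row view: the capability table is bound to the subject and lists the
    objects (with rights) the subject holds a capability for."""
    return {o: set(rights) for o, rights in matrix.get(subject, {}).items() if rights}


def grant(matrix, subject, obj, action):
    """Add a right to one cell; creates the row/cell if absent."""
    matrix.setdefault(subject, {}).setdefault(obj, set()).add(action)


def revoke(matrix, subject, obj, action):
    """Remove a right from one cell; silently no-op if it was never granted."""
    matrix.get(subject, {}).get(obj, set()).discard(action)


def views_agree(matrix, objects=OBJECTS, actions=ACTIONS):
    """Check that enforcing via ACLs (per object) and via capability tables
    (per subject) yields exactly the same decisions as the matrix cell."""
    for s in matrix:
        for o in objects:
            for a in actions:
                by_acl = a in acl_for(matrix, o).get(s, set())
                by_cap = a in capabilities_for(matrix, s).get(o, set())
                if not (is_allowed(matrix, s, o, a) == by_acl == by_cap):
                    return False
    return True
```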